Monday, September 27, 2010

DRM Library From Microsoft Opens Your Computer to Attacks

Microsoft has been a proponent of DRM (digital rights management) for some time now, and has built in a number of protections to every level of its operating system.

The msnetobj.dll library, an ActiveX Network Object, is no exception: according to BoingBoing, msnetobj.dll “is intended to prevent the owner of a computer from saving or viewing certain files except under limited circumstances, and to prevent the computer's owner from disabling” the library.

Aside from mandating what sort of files you can and can’t open on your computer, msnetobj.dll is susceptible to three different types of attacks: denial of service, buffer overflow, and integer overflow. Exploit Database notes that “this issue is triggered when an attacker convinces a victim user to visit a malicious website” and that a hacker could then exploit these holes to run malicious code on your system.